package fab_api;

import java.io.IOException;
import java.security.cert.CertificateException;  
import java.security.cert.X509Certificate;  
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;  
import javax.net.ssl.X509TrustManager;

import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.ClientConnectionManager;  
import org.apache.http.conn.scheme.Scheme;  
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContextBuilder;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.TrustStrategy;
import org.apache.http.conn.ssl.X509HostnameVerifier;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;  
//用于进行Https请求的HttpClient  
public class SSLClient extends DefaultHttpClient{  
    public SSLClient() throws Exception{  
      /*  super();  
        SSLContext ctx = SSLContext.getInstance("SSL");  
        X509TrustManager tm = new X509TrustManager() {  
                @Override  
                public void checkClientTrusted(X509Certificate[] chain,  
                        String authType) throws CertificateException {  
                }  
                @Override  
                public void checkServerTrusted(X509Certificate[] chain,  
                        String authType) throws CertificateException {  
                }  
                @Override  
                public X509Certificate[] getAcceptedIssuers() {  
                    return null;  
                }  
        };  
        ctx.init(null, new TrustManager[]{tm}, null);  */
    	SSLContextBuilder builder = SSLContexts.custom();
    	builder.loadTrustMaterial(null, new TrustStrategy() {
    	    @Override
    	    public boolean isTrusted(X509Certificate[] chain, String authType)
    	            throws CertificateException {
    	        return true;
    	    }
    	});
    	SSLContext sslContext = builder.build();
    	SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
    	        sslContext, new X509HostnameVerifier() {
    	            @Override
    	            public void verify(String host, SSLSocket ssl)
    	                    throws IOException {
    	            }

    	            @Override
    	            public void verify(String host, X509Certificate cert)
    	                    throws SSLException {
    	            }

    	            @Override
    	            public void verify(String host, String[] cns,
    	                    String[] subjectAlts) throws SSLException {
    	            }

    	            @Override
    	            public boolean verify(String s, SSLSession sslSession) {
    	                return true;
    	            }
    	        });

    	Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder
    	        .<ConnectionSocketFactory> create().register("https", sslsf)
    	        .register("http", new PlainConnectionSocketFactory()).build();

    	PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(
    	        socketFactoryRegistry);
     /*   SSLSocketFactory ssf = new SSLSocketFactory(ctx,SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);  
        ClientConnectionManager ccm = this.getConnectionManager();  
        SchemeRegistry sr = ccm.getSchemeRegistry();  
        sr.register(new Scheme("https", 443, ssf)); */ 
    }  
}  
